Client access VPN can't access site-to-site VPN resources & Lack of stats on VPN Status
. I get very little info from the VPN monitor facility, only a green dot depicting a healthy VPN. There are no stats Throughput and Latency or other info.
Does that info only come with Meraki Auto VPNs ie a Meraki device at both ends. I have glanced at some literature that refers to VPN registers but again I think this involves Meraki - Meraki VPNs.
2. Having set up a client VPN link for working from home I am trying to get access to the site to site VPN.
I initially set up a firewall rule to allow the VPN subnet access to the main subnet. That allowed my PC at home access to every resource within our main office. When I tried adding the subnet at the distant end of the site to site VPN I fail to get access to the resources at the VPN distant end
First setting VPN subnet 192.168.101.0/24 ------------- Main Subnet 192.168.100.0/24 OK : can see all local resources
Second Setting 192.168.101.0/24 ------------ 192.168.100.0/24, 172.16.0.0/12 (added distant subnet) : Can still see main subnet but no access to distant subnet.
Both Main and VPN Subnet are enabled.
A tracert does not get past the MX 64 which suggests it is a firewall rule issue.
You can see from the settings above that I tried to inclide the VPN subnet in the forwarding rules but to no avail
yes both the main subnet 192.168.100.0/24 and the client VPN subnet 192.168.101.0/24 are ticked as "use VPN".
I had seen this point in an earlier suggested solution but on checking I noted that my vpn subnet was included.
I also got the distant end of the site2site vpn to include the subnet 192.168.101.0/24 but alas no success.
When I run tracert to the target 172.16.13.221 within the distant end subnet 172.16.0.0/12 the trace stops at 192.168.100.1 which is the Meraki device (firewall). This suggests to me that the firewall is preventing the bridge between the client vpn and the site to site vpn.
Furthermore I can remotely via the client vpn see all of the main subnet 192.168.100.0/24 and if I access my desktop located in the main office using remote desktop, I can then access all services on the distant end of the site to site vpn.
When I take my laptop into the office I can access everything.